<?php
session_start();
include_once("../inc/conn.php");
include_once("../inc/escape.php") ; 
include_once("../inc/unescape.php") ;
include_once("remove_bad_words.php");
include_once("comment_page.php");

$joke_id=str_replace("\"","'",trim($_POST["joke_id"]));
$content=str_replace("\"","'",unescape(trim($_POST["content"])));
$modify_content = remove_bad_words($content);

date_default_timezone_set('PRC');
$pubtime=date("y-n-j H:i:s");

$commenter=$_SESSION["account_name"];

$sql="insert into comments(joke_id,content,pubtime,commenter) VALUES ";
$sql=$sql ."('". $joke_id   ."',";
$sql=$sql . "'". $modify_content    ."',";
$sql=$sql . "'". $pubtime     ."',";
$sql=$sql . "'". $commenter     ."')";


mysql_query($sql);
echo escape(comment_page(1,$joke_id));

?>


